projects
/
ansible.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix apache HTTP2HTTPS redirect config
[ansible.git]
/
roles
/
apache
/
tasks
/
main.yml
diff --git
a/roles/apache/tasks/main.yml
b/roles/apache/tasks/main.yml
index 8e262da085a5b2bcb9f5abc8bca5c17ffaf2efa9..8d1382c179fc857faaa5d0d36fd6acb615f6acac 100644
(file)
--- a/
roles/apache/tasks/main.yml
+++ b/
roles/apache/tasks/main.yml
@@
-1,5
+1,5
@@
- name: install apache
- name: install apache
- apt: name=apache2,python-netaddr state=latest
+ apt: name=apache2,python
3
-netaddr state=latest
- name: enable apache
service: name=apache2 enabled=yes
# apache config
- name: enable apache
service: name=apache2 enabled=yes
# apache config
@@
-35,6
+35,7
@@
- php5.conf
- security.conf
- defaults.conf
- php5.conf
- security.conf
- defaults.conf
+ - caching.conf
notify: apache
- name: enable config files
command: a2enconf {{ item }}
notify: apache
- name: enable config files
command: a2enconf {{ item }}
@@
-44,6
+45,7
@@
- ssl
- security
- defaults
- ssl
- security
- defaults
+ - caching
notify: apache
- name: disable config files
command: a2disconf {{ item }}
notify: apache
- name: disable config files
command: a2disconf {{ item }}
@@
-68,9
+70,13
@@
[Unit]
After=network-online.target
Wants=network-online.target
[Unit]
After=network-online.target
Wants=network-online.target
-- name: sysconfig to disable DAD
+ [Service]
+ Restart=on-failure
+- name: cleanup old sysconfig
+ file: path=/etc/sysctl.d/50-no-dad.conf state=absent
+- name: sysconfig to fix IPv6 listening
copy:
copy:
- dest: /etc/sysctl.d/50-
no-dad
.conf
+ dest: /etc/sysctl.d/50-
ipv6-listen
.conf
content: |
content: |
- #
Disable DAD so network-online.target works for IPv6
- net.ipv6.
conf.all.accept_dad=0
+ #
Allow binding to IPv6 address before we got that address
+ net.ipv6.
ip_nonlocal_bind=1